npm - ummaya - Versions diffs - 0.2.3 → 0.2.5 - Mend

ummaya 0.2.3 → 0.2.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (534) hide show

package/README.md +17 -3
package/bin/ummaya +10 -1
package/npm-shrinkwrap.json +253 -2
package/package.json +5 -1
package/prompts/manifest.yaml +2 -2
package/prompts/session_guidance_v1.md +3 -1
package/prompts/system_v1.md +9 -7
package/pyproject.toml +26 -7
package/specs/2803-document-production-hardening/contracts/document-tools.schema.json +1043 -0
package/src/ummaya/_canonical/__init__.py +2 -0
package/src/ummaya/context/builder.py +17 -11
package/src/ummaya/engine/engine.py +30 -113
package/src/ummaya/engine/query.py +20 -0
package/src/ummaya/evidence/__init__.py +44 -0
package/src/ummaya/evidence/__main__.py +7 -0
package/src/ummaya/evidence/dataset_contract.py +193 -0
package/src/ummaya/evidence/document_authoring_cases.py +33 -0
package/src/ummaya/evidence/document_harness.py +313 -0
package/src/ummaya/evidence/document_viewer_ux.py +391 -0
package/src/ummaya/evidence/gates.py +70 -0
package/src/ummaya/evidence/json_types.py +20 -0
package/src/ummaya/evidence/models.py +145 -0
package/src/ummaya/evidence/output_payload.py +89 -0
package/src/ummaya/evidence/payload_documents.py +233 -0
package/src/ummaya/evidence/route_contracts.py +224 -0
package/src/ummaya/evidence/route_helpers.py +150 -0
package/src/ummaya/evidence/runner.py +177 -0
package/src/ummaya/evidence/source_provenance.py +246 -0
package/src/ummaya/evidence/source_provenance_redaction.py +176 -0
package/src/ummaya/evidence/task_registry.py +264 -0
package/src/ummaya/evidence/tool_layer.py +39 -0
package/src/ummaya/evidence/tool_layer_models.py +151 -0
package/src/ummaya/ipc/adapter_manifest_emitter.py +26 -10
package/src/ummaya/ipc/document_intent_normalization.py +185 -0
package/src/ummaya/ipc/frame_schema.py +52 -5
package/src/ummaya/ipc/route_diagnostics.py +73 -0
package/src/ummaya/ipc/stdio.py +2282 -417
package/src/ummaya/llm/client.py +234 -59
package/src/ummaya/llm/config.py +8 -3
package/src/ummaya/llm/reasoning.py +84 -0
package/src/ummaya/primitives/__init__.py +6 -2
package/src/ummaya/primitives/delegation.py +1 -1
package/src/ummaya/primitives/document.py +28 -0
package/src/ummaya/settings.py +0 -3
package/src/ummaya/tools/discovery_bridge.py +34 -2
package/src/ummaya/tools/documents/__init__.py +297 -0
package/src/ummaya/tools/documents/adapter_registry.py +487 -0
package/src/ummaya/tools/documents/archive_container_probe.py +167 -0
package/src/ummaya/tools/documents/artifact_store.py +454 -0
package/src/ummaya/tools/documents/authoring.py +283 -0
package/src/ummaya/tools/documents/baselines.py +114 -0
package/src/ummaya/tools/documents/capability.py +331 -0
package/src/ummaya/tools/documents/contracts.py +112 -0
package/src/ummaya/tools/documents/conversion.py +521 -0
package/src/ummaya/tools/documents/diff.py +275 -0
package/src/ummaya/tools/documents/engines.py +163 -0
package/src/ummaya/tools/documents/evaluation.py +291 -0
package/src/ummaya/tools/documents/explicit_values.py +108 -0
package/src/ummaya/tools/documents/fixtures.py +174 -0
package/src/ummaya/tools/documents/format_completion_audit.py +471 -0
package/src/ummaya/tools/documents/formats/__init__.py +2 -0
package/src/ummaya/tools/documents/formats/archive.py +528 -0
package/src/ummaya/tools/documents/formats/base.py +41 -0
package/src/ummaya/tools/documents/formats/code_file.py +211 -0
package/src/ummaya/tools/documents/formats/data_file.py +272 -0
package/src/ummaya/tools/documents/formats/hwp.py +284 -0
package/src/ummaya/tools/documents/formats/hwpx.py +1837 -0
package/src/ummaya/tools/documents/formats/odf.py +435 -0
package/src/ummaya/tools/documents/formats/ooxml.py +1030 -0
package/src/ummaya/tools/documents/formats/passive.py +766 -0
package/src/ummaya/tools/documents/formats/pdf.py +702 -0
package/src/ummaya/tools/documents/formats/text_web.py +268 -0
package/src/ummaya/tools/documents/hwp_conversion_probe.py +178 -0
package/src/ummaya/tools/documents/hwp_direct_candidate.py +141 -0
package/src/ummaya/tools/documents/inspection.py +289 -0
package/src/ummaya/tools/documents/intake.py +1079 -0
package/src/ummaya/tools/documents/legacy_office_promotion_probe.py +366 -0
package/src/ummaya/tools/documents/models.py +1598 -0
package/src/ummaya/tools/documents/odf_promotion_probe.py +167 -0
package/src/ummaya/tools/documents/orchestrator.py +96 -0
package/src/ummaya/tools/documents/passive_capability_probe.py +251 -0
package/src/ummaya/tools/documents/patch.py +170 -0
package/src/ummaya/tools/documents/pdfa_conformance.py +284 -0
package/src/ummaya/tools/documents/pdfa_promotion_probe.py +198 -0
package/src/ummaya/tools/documents/permissions.py +110 -0
package/src/ummaya/tools/documents/planner.py +616 -0
package/src/ummaya/tools/documents/registry.py +2733 -0
package/src/ummaya/tools/documents/render.py +978 -0
package/src/ummaya/tools/documents/render_comparison.py +113 -0
package/src/ummaya/tools/documents/render_comparison_models.py +74 -0
package/src/ummaya/tools/documents/render_comparison_regions.py +73 -0
package/src/ummaya/tools/documents/render_comparison_style.py +161 -0
package/src/ummaya/tools/documents/reread.py +157 -0
package/src/ummaya/tools/documents/runtime_authoring.py +244 -0
package/src/ummaya/tools/documents/runtime_authoring_bundle.py +76 -0
package/src/ummaya/tools/documents/scorecard.py +184 -0
package/src/ummaya/tools/documents/socratic_planner.py +193 -0
package/src/ummaya/tools/documents/style.py +48 -0
package/src/ummaya/tools/documents/tool_defs.py +523 -0
package/src/ummaya/tools/documents/validate.py +347 -0
package/src/ummaya/tools/executor.py +61 -12
package/src/ummaya/tools/geocoding/kakao_client.py +1 -2
package/src/ummaya/tools/kma/apihub_catalog.py +984 -1
package/src/ummaya/tools/kma/apihub_structured_adapter.py +86 -6
package/src/ummaya/tools/kma/apihub_url_adapter.py +593 -0
package/src/ummaya/tools/kma/apihub_url_catalog.py +296 -0
package/src/ummaya/tools/live_proxy.py +0 -3
package/src/ummaya/tools/location_adapters.py +8 -6
package/src/ummaya/tools/manifest_metadata.py +16 -3
package/src/ummaya/tools/models.py +5 -1
package/src/ummaya/tools/mvp_surface.py +2 -2
package/src/ummaya/tools/nmc/emergency_search.py +8 -6
package/src/ummaya/tools/register_all.py +17 -0
package/src/ummaya/tools/registry.py +10 -1
package/src/ummaya/tools/resolve_location.py +4 -4
package/src/ummaya/tools/routing/__init__.py +59 -0
package/src/ummaya/tools/routing/builder.py +105 -0
package/src/ummaya/tools/routing/cards.py +29 -0
package/src/ummaya/tools/routing/decision_service.py +534 -0
package/src/ummaya/tools/routing/decision_types.py +74 -0
package/src/ummaya/tools/routing/feasibility.py +122 -0
package/src/ummaya/tools/routing/intent.py +17 -0
package/src/ummaya/tools/routing/intent_extractor.py +207 -0
package/src/ummaya/tools/routing/intent_patterns.py +160 -0
package/src/ummaya/tools/routing/intent_public_data.py +150 -0
package/src/ummaya/tools/routing/intent_types.py +48 -0
package/src/ummaya/tools/routing/lint.py +78 -0
package/src/ummaya/tools/routing/metadata.py +174 -0
package/src/ummaya/tools/routing/projection.py +340 -0
package/src/ummaya/tools/routing/retrieval_policy.py +629 -0
package/src/ummaya/tools/routing/schema.py +81 -0
package/src/ummaya/tools/routing/types.py +96 -0
package/src/ummaya/tools/routing_index.py +2 -2
package/src/ummaya/tools/search.py +40 -106
package/src/ummaya/tools/verified_data_go_kr/_manifest.py +115 -25
package/src/ummaya/tools/verified_data_go_kr/airkorea_air_quality.py +109 -4
package/src/ummaya/tools/verified_data_go_kr/nmc_aed_site.py +108 -2
package/src/ummaya/tools/verified_data_go_kr/pps_bid_public_info.py +174 -9
package/src/ummaya/tools/verified_data_go_kr/tago_bus_arrival.py +66 -3
package/src/ummaya/tools/verified_data_go_kr/tago_bus_location.py +12 -2
package/src/ummaya/tools/verified_data_go_kr/tago_bus_route.py +8 -2
package/src/ummaya/tools/verified_data_go_kr/tago_bus_route_station.py +114 -0
package/src/ummaya/tools/verified_data_go_kr/tago_bus_station.py +14 -3
package/src/ummaya/tools/verify_canonical_map.py +21 -0
package/tests/fixtures/documents/public_forms/baselines.yaml +113 -0
package/tui/package.json +1 -2
package/tui/src/.cc-byte-identical-whitelist.yaml +266 -0
package/tui/src/QueryEngine.ts +12 -4
package/tui/src/bridge/inboundAttachments.ts +3 -3
package/tui/src/cli/handlers/auth.ts +4 -13
package/tui/src/cli/handlers/mcp.tsx +3 -3
package/tui/src/cli/print.ts +69 -18
package/tui/src/cli/update.ts +13 -13
package/tui/src/commands/copy/index.ts +1 -1
package/tui/src/commands/cost/cost.ts +2 -2
package/tui/src/commands/init-verifiers.ts +5 -5
package/tui/src/commands/init.ts +30 -30
package/tui/src/commands/insights.ts +44 -44
package/tui/src/commands/install-github-app/install-github-app.tsx +2 -2
package/tui/src/commands/install-github-app/setupGitHubActions.ts +3 -3
package/tui/src/commands/install-github-app/types.ts +8 -30
package/tui/src/commands/install.tsx +5 -5
package/tui/src/commands/mcp/addCommand.ts +5 -5
package/tui/src/commands/mcp/xaaIdpCommand.ts +2 -2
package/tui/src/commands/plugin/ManageMarketplaces.tsx +2 -2
package/tui/src/commands/plugin/types.ts +6 -28
package/tui/src/commands/plugin/unifiedTypes.ts +4 -26
package/tui/src/commands/reasoning/index.ts +13 -0
package/tui/src/commands/reasoning/reasoning.tsx +177 -0
package/tui/src/commands/rename/generateSessionName.ts +1 -1
package/tui/src/commands/thinkback/thinkback.tsx +3 -3
package/tui/src/commands.ts +2 -0
package/tui/src/components/Feedback.tsx +1 -1
package/tui/src/components/LogoV2/EmergencyTip.tsx +11 -2
package/tui/src/components/LogoV2/WelcomeV2.tsx +1 -3
package/tui/src/components/Messages.tsx +2 -1
package/tui/src/components/ScrollKeybindingHandler.tsx +6 -6
package/tui/src/components/Spinner/types.ts +6 -28
package/tui/src/components/Spinner.tsx +2 -2
package/tui/src/components/agents/generateAgent.ts +1 -1
package/tui/src/components/agents/new-agent-creation/types.ts +4 -26
package/tui/src/components/config/EnvSecretIsolatedEditor.tsx +1 -1
package/tui/src/components/design-system/LoadingState.tsx +2 -2
package/tui/src/components/mcp/types.ts +16 -38
package/tui/src/components/messages/AssistantToolUseMessage.tsx +3 -2
package/tui/src/components/messages/UserCrossSessionMessage.ts +16 -4
package/tui/src/components/messages/UserForkBoilerplateMessage.ts +16 -4
package/tui/src/components/messages/UserGitHubWebhookMessage.ts +16 -4
package/tui/src/components/messages/UserToolResultMessage/utils.tsx +3 -2
package/tui/src/components/permissions/MonitorPermissionRequest/MonitorPermissionRequest.ts +9 -4
package/tui/src/components/permissions/ReviewArtifactPermissionRequest/ReviewArtifactPermissionRequest.ts +9 -4
package/tui/src/components/primitive/DocumentSocraticReviewBlock.tsx +129 -0
package/tui/src/components/primitive/DocumentToolResultCard.tsx +224 -0
package/tui/src/components/primitive/documentSocraticReview.ts +215 -0
package/tui/src/components/primitive/index.tsx +43 -1
package/tui/src/components/primitive/types.ts +137 -0
package/tui/src/components/ui/option.ts +4 -26
package/tui/src/constants/common.ts +0 -2
package/tui/src/constants/prompts.ts +4 -3
package/tui/src/constants/querySource.ts +4 -26
package/tui/src/entrypoints/sdk/controlTypes.ts +26 -48
package/tui/src/entrypoints/sdk/coreTypes.generated.ts +3 -25
package/tui/src/entrypoints/sdk/runtimeTypes.ts +38 -60
package/tui/src/entrypoints/sdk/sdkUtilityTypes.ts +4 -26
package/tui/src/entrypoints/sdk/settingsTypes.generated.ts +3 -25
package/tui/src/entrypoints/sdk/toolTypes.ts +3 -25
package/tui/src/hooks/toolPermission/handlers/interactiveHandler.ts +10 -0
package/tui/src/hooks/useApiKeyVerification.ts +1 -1
package/tui/src/hooks/useVirtualScroll.ts +1 -1
package/tui/src/ink/ink.tsx +33 -14
package/tui/src/ink/reconciler.ts +2 -3
package/tui/src/ink/render-to-screen.ts +30 -10
package/tui/src/ipc/bridge.ts +62 -15
package/tui/src/ipc/bridgeSingleton.ts +5 -1
package/tui/src/ipc/codec.ts +29 -3
package/tui/src/ipc/frames.generated.ts +407 -312
package/tui/src/ipc/llmClient.ts +279 -76
package/tui/src/ipc/llmTypes.ts +16 -1
package/tui/src/ipc/schema/frame.schema.json +1 -3475
package/tui/src/keybindings/defaultBindings.ts +4 -0
package/tui/src/main.tsx +32 -11
package/tui/src/native-ts/file-index/index.ts +33 -3
package/tui/src/observability/surface.ts +2 -2
package/tui/src/probes/toolRegistryProbe.tsx +3 -1
package/tui/src/projectOnboardingState.ts +7 -6
package/tui/src/query/chatMessageTypes.ts +18 -0
package/tui/src/query/chatMessagesBuilder.ts +1 -1
package/tui/src/query/deps.ts +1 -1
package/tui/src/query/messageGuards.ts +106 -0
package/tui/src/query/publicDataTerminalRepair.ts +384 -0
package/tui/src/query/run.ts +1075 -0
package/tui/src/query/supportBoundary.ts +168 -0
package/tui/src/query/toolResultErrors.ts +103 -0
package/tui/src/query/toolRunner.ts +687 -0
package/tui/src/query/unavailableToolRepair.ts +118 -0
package/tui/src/query.ts +9 -1721
package/tui/src/screens/REPL.tsx +42 -31
package/tui/src/services/api/adapterManifest.ts +4 -0
package/tui/src/services/api/backendChat/events.ts +117 -0
package/tui/src/services/api/backendChat/finalMessage.ts +40 -0
package/tui/src/services/api/backendChat/frame.ts +9 -0
package/tui/src/services/api/backendChat/streaming.ts +430 -0
package/tui/src/services/api/backendChat/types.ts +62 -0
package/tui/src/services/api/backendChat.ts +1 -0
package/tui/src/services/api/client.ts +98 -14
package/tui/src/services/api/errorUtils.ts +5 -5
package/tui/src/services/api/errors.ts +1 -1
package/tui/src/services/api/logging.ts +1 -1
package/tui/src/services/api/ummaya/evidence.ts +194 -0
package/tui/src/services/api/ummaya/messages.ts +255 -0
package/tui/src/services/api/ummaya/nonStreaming.ts +66 -0
package/tui/src/services/api/ummaya/provider.ts +200 -0
package/tui/src/services/api/ummaya/reasoning.ts +24 -0
package/tui/src/services/api/ummaya/request.ts +200 -0
package/tui/src/services/api/ummaya/selectionContext.ts +240 -0
package/tui/src/services/api/ummaya/streaming.ts +365 -0
package/tui/src/services/api/ummaya/streamingPayload.ts +129 -0
package/tui/src/services/api/ummaya/streamingReader.ts +40 -0
package/tui/src/services/api/ummaya/toolSelection.ts +217 -0
package/tui/src/services/api/ummaya/types.ts +110 -0
package/tui/src/services/api/ummaya/usage.ts +30 -0
package/tui/src/services/api/ummaya.ts +26 -364
package/tui/src/services/api/withRetry.ts +1 -1
package/tui/src/services/awaySummary.ts +2 -2
package/tui/src/services/claudeAiLimits.ts +1 -1
package/tui/src/services/compact/autoCompact.ts +1 -1
package/tui/src/services/compact/compact.ts +1 -1
package/tui/src/services/lsp/types.ts +8 -30
package/tui/src/services/tips/types.ts +6 -28
package/tui/src/services/tokenEstimation.ts +1 -1
package/tui/src/services/toolRegistry/bootGuard.ts +5 -5
package/tui/src/services/toolUseSummary/toolUseSummaryGenerator.ts +1 -1
package/tui/src/services/tools/toolExecution.ts +94 -1
package/tui/src/skills/bundled/stuck.ts +12 -12
package/tui/src/state/AppStateStore.ts +7 -0
package/tui/src/store/pendingPermissionSlot.ts +1 -1
package/tui/src/store/session-store.ts +10 -36
package/tui/src/stubs/any-stub.ts +15 -10
package/tui/src/stubs/color-diff-napi.ts +37 -23
package/tui/src/stubs/globals.d.ts +3 -3
package/tui/src/stubs/macro-preload.ts +23 -12
package/tui/src/tools/AdapterTool/AdapterTool.ts +1239 -163
package/tui/src/tools/AdapterTool/routeDiagnostics.ts +75 -0
package/tui/src/tools/AgentTool/AgentTool.tsx +84 -1371
package/tui/src/tools/AgentTool/agentToolHandoff.ts +114 -0
package/tui/src/tools/AgentTool/agentToolPartialResult.ts +16 -0
package/tui/src/tools/AgentTool/agentToolProgress.ts +32 -0
package/tui/src/tools/AgentTool/agentToolResolver.ts +161 -0
package/tui/src/tools/AgentTool/agentToolResult.ts +163 -0
package/tui/src/tools/AgentTool/agentToolUtils.ts +14 -686
package/tui/src/tools/AgentTool/asyncAgentLifecycle.ts +208 -0
package/tui/src/tools/AgentTool/asyncLifecycle.ts +153 -0
package/tui/src/tools/AgentTool/backgroundedCompletion.ts +126 -0
package/tui/src/tools/AgentTool/backgroundedLifecycle.ts +174 -0
package/tui/src/tools/AgentTool/foregroundBackground.ts +83 -0
package/tui/src/tools/AgentTool/foregroundDrain.tsx +133 -0
package/tui/src/tools/AgentTool/foregroundFinalize.ts +98 -0
package/tui/src/tools/AgentTool/foregroundLifecycle.tsx +237 -0
package/tui/src/tools/AgentTool/foregroundProgress.tsx +169 -0
package/tui/src/tools/AgentTool/foregroundTask.ts +89 -0
package/tui/src/tools/AgentTool/forkSubagent.ts +1 -12
package/tui/src/tools/AgentTool/forkSubagentGate.ts +34 -0
package/tui/src/tools/AgentTool/launchRouting.ts +203 -0
package/tui/src/tools/AgentTool/lifecycle.ts +244 -0
package/tui/src/tools/AgentTool/mcpRouting.ts +73 -0
package/tui/src/tools/AgentTool/orchestrationSupport.ts +70 -0
package/tui/src/tools/AgentTool/permissions.ts +39 -0
package/tui/src/tools/AgentTool/promptSetup.ts +181 -0
package/tui/src/tools/AgentTool/remoteRouting.ts +62 -0
package/tui/src/tools/AgentTool/resultMapping.ts +116 -0
package/tui/src/tools/AgentTool/resumeAgent.ts +39 -107
package/tui/src/tools/AgentTool/resumeAgentHelpers.ts +140 -0
package/tui/src/tools/AgentTool/runAgent.ts +1 -1
package/tui/src/tools/AgentTool/runtimeConfig.ts +57 -0
package/tui/src/tools/AgentTool/schemas.ts +196 -0
package/tui/src/tools/AgentTool/sourceVerificationPropagation.ts +263 -0
package/tui/src/tools/AgentTool/worktreeLifecycle.ts +105 -0
package/tui/src/tools/AskUserQuestionTool/AskUserQuestionTool.tsx +174 -202
package/tui/src/tools/BashTool/BashTool.tsx +71 -1072
package/tui/src/tools/BashTool/bashCommandHelpers.ts +12 -12
package/tui/src/tools/BashTool/bashPermissions/astPreflight.ts +173 -0
package/tui/src/tools/BashTool/bashPermissions/classifierChecks.ts +199 -0
package/tui/src/tools/BashTool/bashPermissions/compoundGuards.ts +53 -0
package/tui/src/tools/BashTool/bashPermissions/constants.ts +99 -0
package/tui/src/tools/BashTool/bashPermissions/index.ts +38 -0
package/tui/src/tools/BashTool/bashPermissions/legacyMisparsing.ts +62 -0
package/tui/src/tools/BashTool/bashPermissions/main.ts +135 -0
package/tui/src/tools/BashTool/bashPermissions/normalizedCommands.ts +33 -0
package/tui/src/tools/BashTool/bashPermissions/operatorFlow.ts +98 -0
package/tui/src/tools/BashTool/bashPermissions/permissionChecks.ts +200 -0
package/tui/src/tools/BashTool/bashPermissions/prefixSuggestions.ts +88 -0
package/tui/src/tools/BashTool/bashPermissions/promptClassifierRules.ts +125 -0
package/tui/src/tools/BashTool/bashPermissions/ruleDelegates.ts +19 -0
package/tui/src/tools/BashTool/bashPermissions/ruleMatching.ts +145 -0
package/tui/src/tools/BashTool/bashPermissions/sandboxAutoAllow.ts +75 -0
package/tui/src/tools/BashTool/bashPermissions/subcommandFlow.ts +205 -0
package/tui/src/tools/BashTool/bashPermissions/subcommandGuards.ts +73 -0
package/tui/src/tools/BashTool/bashPermissions/subcommandResultHelpers.ts +116 -0
package/tui/src/tools/BashTool/bashPermissions/types.ts +26 -0
package/tui/src/tools/BashTool/bashPermissions/wrapperStripping.ts +139 -0
package/tui/src/tools/BashTool/bashPermissions.ts +26 -2621
package/tui/src/tools/BashTool/call.ts +202 -0
package/tui/src/tools/BashTool/callLoader.ts +35 -0
package/tui/src/tools/BashTool/commandClassification.ts +151 -0
package/tui/src/tools/BashTool/commandClassificationLoader.ts +40 -0
package/tui/src/tools/BashTool/cwdReset.ts +33 -0
package/tui/src/tools/BashTool/lineTruncation.ts +11 -0
package/tui/src/tools/BashTool/modeValidation.ts +13 -1
package/tui/src/tools/BashTool/outputPersistence.ts +42 -0
package/tui/src/tools/BashTool/permissionClassification.ts +66 -0
package/tui/src/tools/BashTool/permissionLoader.ts +44 -0
package/tui/src/tools/BashTool/resultLoader.ts +29 -0
package/tui/src/tools/BashTool/resultMapping.ts +83 -0
package/tui/src/tools/BashTool/sandboxPolicy.ts +79 -0
package/tui/src/tools/BashTool/schemas.ts +65 -0
package/tui/src/tools/BashTool/sedEditExecution.ts +59 -0
package/tui/src/tools/BashTool/shellExecution.tsx +245 -0
package/tui/src/tools/BashTool/shellOutputUtils.ts +85 -0
package/tui/src/tools/BashTool/shellPermissionGauntlet.ts +97 -0
package/tui/src/tools/BashTool/uiLoader.ts +37 -0
package/tui/src/tools/BriefTool/upload.ts +1 -1
package/tui/src/tools/CalculatorTool/parser.ts +2 -2
package/tui/src/tools/DocumentPrimitive/DocumentPrimitive.ts +262 -0
package/tui/src/tools/DocumentPrimitive/dispatchNormalization.ts +270 -0
package/tui/src/tools/DocumentPrimitive/documentDestinationPath.ts +18 -0
package/tui/src/tools/DocumentPrimitive/documentMutationGuard.ts +22 -0
package/tui/src/tools/DocumentPrimitive/documentPatchNormalization.ts +248 -0
package/tui/src/tools/DocumentPrimitive/documentSourceVerification.ts +245 -0
package/tui/src/tools/DocumentPrimitive/documentSourceVerificationFields.ts +103 -0
package/tui/src/tools/DocumentPrimitive/modelVisibleOutput.ts +40 -0
package/tui/src/tools/DocumentPrimitive/prompt.ts +35 -0
package/tui/src/tools/FileEditTool/FileEditTool.ts +9 -507
package/tui/src/tools/FileEditTool/call.ts +228 -0
package/tui/src/tools/FileEditTool/validateInput.ts +196 -0
package/tui/src/tools/FileReadTool/imageProcessor.ts +13 -0
package/tui/src/tools/FileWriteTool/FileWriteTool.ts +7 -300
package/tui/src/tools/FileWriteTool/call.ts +223 -0
package/tui/src/tools/FileWriteTool/validateInput.ts +80 -0
package/tui/src/tools/ListMcpResourcesTool/ListMcpResourcesTool.ts +19 -3
package/tui/src/tools/LookupPrimitive/LookupPrimitive.ts +48 -29
package/tui/src/tools/LookupPrimitive/prompt.ts +6 -7
package/tui/src/tools/MCPTool/trustPolicy.ts +118 -0
package/tui/src/tools/McpAuthTool/McpAuthTool.ts +21 -3
package/tui/src/tools/NotebookEditTool/NotebookEditTool.ts +7 -326
package/tui/src/tools/NotebookEditTool/call.ts +254 -0
package/tui/src/tools/NotebookEditTool/notebookModel.ts +51 -0
package/tui/src/tools/NotebookEditTool/validateInput.ts +142 -0
package/tui/src/tools/PowerShellTool/PowerShellTool.tsx +46 -937
package/tui/src/tools/PowerShellTool/acceptEditsCommandValidation.ts +162 -0
package/tui/src/tools/PowerShellTool/call.ts +179 -0
package/tui/src/tools/PowerShellTool/callLoader.ts +37 -0
package/tui/src/tools/PowerShellTool/commandClassification.ts +86 -0
package/tui/src/tools/PowerShellTool/modeValidation.ts +25 -332
package/tui/src/tools/PowerShellTool/outputPersistence.ts +42 -0
package/tui/src/tools/PowerShellTool/permissionClassification.ts +28 -0
package/tui/src/tools/PowerShellTool/resultLoader.ts +31 -0
package/tui/src/tools/PowerShellTool/resultMapping.ts +75 -0
package/tui/src/tools/PowerShellTool/schemas.ts +40 -0
package/tui/src/tools/PowerShellTool/shellExecution.tsx +258 -0
package/tui/src/tools/PowerShellTool/symlinkModeValidation.ts +44 -0
package/tui/src/tools/PowerShellTool/uiLoader.ts +37 -0
package/tui/src/tools/PowerShellTool/validation.ts +39 -0
package/tui/src/tools/ReadMcpResourceTool/ReadMcpResourceTool.ts +19 -3
package/tui/src/tools/ResolveLocationPrimitive/ResolveLocationPrimitive.ts +30 -19
package/tui/src/tools/ResolveLocationPrimitive/prompt.ts +2 -6
package/tui/src/tools/SkillTool/SkillTool.ts +2 -2
package/tui/src/tools/SubmitPrimitive/SubmitPrimitive.ts +51 -18
package/tui/src/tools/TaskCreateTool/TaskCreateTool.ts +16 -2
package/tui/src/tools/TaskGetTool/TaskGetTool.ts +23 -3
package/tui/src/tools/TaskListTool/TaskListTool.ts +22 -4
package/tui/src/tools/TaskOutputTool/TaskOutputTool.tsx +46 -547
package/tui/src/tools/TaskOutputTool/lookup.ts +216 -0
package/tui/src/tools/TaskOutputTool/render.tsx +257 -0
package/tui/src/tools/TaskOutputTool/schemas.ts +55 -0
package/tui/src/tools/TaskOutputTool/serialization.ts +36 -0
package/tui/src/tools/TaskStopTool/TaskStopTool.ts +10 -0
package/tui/src/tools/TaskUpdateTool/TaskUpdateTool.ts +14 -364
package/tui/src/tools/TaskUpdateTool/completion.ts +62 -0
package/tui/src/tools/TaskUpdateTool/schemas.ts +62 -0
package/tui/src/tools/TaskUpdateTool/serialization.ts +46 -0
package/tui/src/tools/TaskUpdateTool/statusUpdate.ts +247 -0
package/tui/src/tools/TodoWriteTool/TodoWriteTool.ts +21 -2
package/tui/src/tools/ToolSearchTool/ToolSearchTool.ts +21 -302
package/tui/src/tools/ToolSearchTool/ccSupportTools.ts +223 -0
package/tui/src/tools/ToolSearchTool/descriptionCache.ts +50 -0
package/tui/src/tools/ToolSearchTool/keywordSearch.ts +216 -0
package/tui/src/tools/ToolSearchTool/prompt.ts +10 -4
package/tui/src/tools/ToolSearchTool/resultMapping.ts +30 -0
package/tui/src/tools/ToolSearchTool/schemas.ts +30 -0
package/tui/src/tools/ToolSearchTool/searchPool.ts +47 -0
package/tui/src/tools/ToolSearchTool/supportIntentHints.ts +140 -0
package/tui/src/tools/TranslateTool/TranslateTool.ts +1 -1
package/tui/src/tools/VerifyPrimitive/VerifyPrimitive.ts +27 -10
package/tui/src/tools/WebFetchTool/WebFetchTool.ts +43 -138
package/tui/src/tools/WebFetchTool/call.ts +227 -0
package/tui/src/tools/WebFetchTool/resolvedAddressSafety.ts +78 -0
package/tui/src/tools/WebFetchTool/sourceVerification.ts +204 -0
package/tui/src/tools/WebFetchTool/types.ts +23 -0
package/tui/src/tools/WebFetchTool/urlSafety.ts +181 -0
package/tui/src/tools/WebFetchTool/utils.ts +1 -1
package/tui/src/tools/WebSearchTool/UI.tsx +0 -1
package/tui/src/tools/WebSearchTool/WebSearchTool.ts +9 -313
package/tui/src/tools/WebSearchTool/call.ts +33 -0
package/tui/src/tools/WebSearchTool/responseMapping.ts +190 -0
package/tui/src/tools/WebSearchTool/resultBlock.ts +47 -0
package/tui/src/tools/WebSearchTool/schemas.ts +47 -0
package/tui/src/tools/WebSearchTool/toolSchema.ts +12 -0
package/tui/src/tools/WorkspaceToolAdapter/WorkspaceToolAdapter.ts +79 -0
package/tui/src/tools/WorkspaceToolAdapter/allowedRootPolicy.ts +85 -0
package/tui/src/tools/WorkspaceToolAdapter/documentFormatGuards.ts +73 -0
package/tui/src/tools/WorkspaceToolAdapter/inputNormalization.ts +105 -0
package/tui/src/tools/WorkspaceToolAdapter/mcpExposurePolicy.ts +64 -0
package/tui/src/tools/WorkspaceToolAdapter/toolDefFactory.ts +215 -0
package/tui/src/tools/WorkspaceToolAdapter/toolNames.ts +6 -0
package/tui/src/tools/WorkspaceToolAdapter/workspacePolicy.ts +15 -0
package/tui/src/tools/_shared/citizenUserText.ts +49 -0
package/tui/src/tools/_shared/dispatchPrimitive.ts +6 -6
package/tui/src/tools/_shared/documentChangeToPatch.ts +125 -0
package/tui/src/tools/_shared/documentDispatchArguments.ts +87 -0
package/tui/src/tools/_shared/documentPrimitiveTimeout.ts +13 -0
package/tui/src/tools/_shared/documentToolResultRender.ts +98 -0
package/tui/src/tools/_shared/locationInputRepair.ts +112 -0
package/tui/src/tools/_shared/pendingCallRegistry.ts +1 -6
package/tui/src/tools/_shared/rootPrimitiveInput.ts +68 -0
package/tui/src/tools/_shared/toolChoiceRepair/documentCompletionPatterns.ts +58 -0
package/tui/src/tools/_shared/toolChoiceRepair/documentCompletionPrompt.ts +271 -0
package/tui/src/tools/_shared/toolChoiceRepair/documentRepair.ts +452 -0
package/tui/src/tools/_shared/toolChoiceRepair/messageAccess.ts +80 -0
package/tui/src/tools/_shared/toolChoiceRepair/publicDataRepair.ts +92 -0
package/tui/src/tools/_shared/toolChoiceRepair/supportRepair.ts +135 -0
package/tui/src/tools/_shared/toolChoiceRepair.ts +61 -0
package/tui/src/tools/shared/mockDisclaimer.ts +1 -1
package/tui/src/tools.ts +39 -190
package/tui/src/types/fileSuggestion.ts +4 -26
package/tui/src/types/generated/events_mono/claude_code/v1/claude_code_internal_event.ts +186 -148
package/tui/src/types/generated/events_mono/common/v1/auth.ts +25 -11
package/tui/src/types/generated/events_mono/growthbook/v1/growthbook_experiment_event.ts +47 -30
package/tui/src/types/generated/google/protobuf/timestamp.ts +21 -7
package/tui/src/types/message.ts +80 -102
package/tui/src/types/messageQueueTypes.ts +6 -28
package/tui/src/types/notebook.ts +16 -38
package/tui/src/types/statusLine.ts +4 -26
package/tui/src/types/tools.ts +24 -46
package/tui/src/types/utils.ts +6 -28
package/tui/src/upstreamproxy/relay.ts +7 -3
package/tui/src/upstreamproxy/upstreamproxy.ts +1 -1
package/tui/src/utils/assistantMessageFactories.ts +9 -3
package/tui/src/utils/attachments.ts +1 -1
package/tui/src/utils/auth.ts +129 -139
package/tui/src/utils/bash/ast.ts +23 -23
package/tui/src/utils/bash/bashParser.ts +5 -5
package/tui/src/utils/billing.ts +1 -1
package/tui/src/utils/collapseReadSearch.ts +3 -3
package/tui/src/utils/cronTasks.ts +1 -1
package/tui/src/utils/execFileNoThrow.ts +1 -1
package/tui/src/utils/filePersistence/types.ts +16 -38
package/tui/src/utils/forkedAgent.ts +1 -1
package/tui/src/utils/gracefulShutdown.ts +4 -4
package/tui/src/utils/heapDumpService.ts +12 -8
package/tui/src/utils/hooks/apiQueryHookHelper.ts +1 -1
package/tui/src/utils/hooks/execPromptHook.ts +1 -1
package/tui/src/utils/hooks/skillImprovement.ts +1 -1
package/tui/src/utils/kExaoneReasoning.ts +138 -0
package/tui/src/utils/mcp/dateTimeParser.ts +1 -1
package/tui/src/utils/messages.ts +19 -0
package/tui/src/utils/migrateSessions.ts +3 -3
package/tui/src/utils/model/model.ts +6 -6
package/tui/src/utils/multiToolLayout.ts +13 -0
package/tui/src/utils/permissions/yoloClassifier.ts +1 -1
package/tui/src/utils/plugins/headlessPluginInstall.ts +1 -1
package/tui/src/utils/plugins/mcpPluginIntegration.ts +1 -1
package/tui/src/utils/plugins/mcpbHandler.ts +1 -1
package/tui/src/utils/plugins/pluginLoader.ts +8 -8
package/tui/src/utils/processUserInput/processSlashCommand.tsx +2 -2
package/tui/src/utils/processUserInput/processUserInput.ts +26 -0
package/tui/src/utils/protectedNamespace.ts +5 -3
package/tui/src/utils/rawJsonToolCall.ts +242 -0
package/tui/src/utils/ripgrep.ts +16 -7
package/tui/src/utils/sessionTitle.ts +1 -1
package/tui/src/utils/settings/applySettingsChange.ts +4 -0
package/tui/src/utils/settings/permissionValidation.ts +14 -2
package/tui/src/utils/settings/types.ts +9 -3
package/tui/src/utils/shell/prefix.ts +1 -1
package/tui/src/utils/sideQuery.ts +1 -1
package/tui/src/utils/stats.ts +1 -1
package/tui/src/utils/systemThemeWatcher.ts +13 -3
package/tui/src/utils/teleport.tsx +1 -1
package/uv.lock +394 -22
package/assets/copilot-gate-logo.svg +0 -58
package/assets/govon-logo.svg +0 -40
package/src/ummaya/eval/__init__.py +0 -5
package/src/ummaya/eval/retrieval.py +0 -713
package/tui/src/services/api/claude.ts +0 -3510
package/tui/src/utils/messageStream.ts +0 -186

package/tui/src/tools/BashTool/call.ts ADDED Viewed

@@ -0,0 +1,202 @@
+import type { CanUseToolFn } from 'src/hooks/useCanUseTool.js';
+import { type AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS, logEvent } from '../../services/analytics/index.js';
+import type { ToolCallProgress, ToolUseContext } from '../../Tool.js';
+import type { AssistantMessage } from '../../types/message.js';
+import type { BashProgress } from '../../types/tools.js';
+import { extractClaudeCodeHints } from '../../utils/claudeCodeHints.js';
+import { detectCodeIndexingFromCommand } from '../../utils/codeIndexing.js';
+import { ShellError } from '../../utils/errors.js';
+import { EndTruncatingAccumulator } from '../../utils/stringUtils.js';
+import { maybeRecordPluginHint } from '../../utils/plugins/hintRecommendation.js';
+import type { ExecResult } from '../../utils/ShellCommand.js';
+import { resetShellCwdIfOutsideProject } from './cwdReset.js';
+import { resizeShellImageOutput, stdErrAppendShellResetMessage, stripEmptyLines, isImageOutput } from './shellOutputUtils.js';
+import { interpretCommandResult } from './commandSemantics.js';
+import { trackGitOperations } from '../shared/gitOperationTracking.js';
+import { runShellCommand } from './shellExecution.js';
+import { persistLargeShellOutput } from './outputPersistence.js';
+import { applySedEdit } from './sedEditExecution.js';
+import { isSilentBashCommand } from './commandClassification.js';
+import type { BashToolInput, Out } from './schemas.js';
+import { annotateShellStderrWithSandboxFailures } from './sandboxPolicy.js';
+const EOL = '\n';
+export async function callBashTool(
+  input: BashToolInput,
+  toolUseContext: ToolUseContext,
+  _canUseTool?: CanUseToolFn,
+  parentMessage?: AssistantMessage,
+  onProgress?: ToolCallProgress<BashProgress>
+): Promise<{ readonly data: Out }> {
+  if (input._simulatedSedEdit) {
+    return applySedEdit(input._simulatedSedEdit, toolUseContext, parentMessage);
+  }
+  const { abortController, getAppState, setAppState, setToolJSX } = toolUseContext;
+  const stdoutAccumulator = new EndTruncatingAccumulator();
+  let stderrForShellReset = '';
+  let interpretationResult: ReturnType<typeof interpretCommandResult> | undefined;
+  let wasInterrupted = false;
+  const isMainThread = !toolUseContext.agentId;
+  const preventCwdChanges = !isMainThread;
+  const { execResult } = await consumeBashCommand({
+    input,
+    toolUseContext,
+    preventCwdChanges,
+    isMainThread,
+    onProgress
+  });
+  try {
+    trackGitOperations(input.command, execResult.code, execResult.stdout);
+    const isInterrupt = execResult.interrupted && abortController.signal.reason === 'interrupt';
+    stdoutAccumulator.append((execResult.stdout || '').trimEnd() + EOL);
+    interpretationResult = interpretCommandResult(input.command, execResult.code, execResult.stdout || '', '');
+    if (execResult.stdout && execResult.stdout.includes(".git/index.lock': File exists")) {
+      logEvent('tengu_git_index_lock_error', {});
+    }
+    if (interpretationResult.isError && !isInterrupt && execResult.code !== 0) {
+      stdoutAccumulator.append(`Exit code ${execResult.code}`);
+    }
+    if (!preventCwdChanges) {
+      const appState = getAppState();
+      if (resetShellCwdIfOutsideProject(appState.toolPermissionContext)) {
+        stderrForShellReset = stdErrAppendShellResetMessage('');
+      }
+    }
+    const outputWithSbFailures = annotateShellStderrWithSandboxFailures(input.command, execResult.stdout || '');
+    if (execResult.preSpawnError) {
+      throw new Error(execResult.preSpawnError);
+    }
+    if (interpretationResult.isError && !isInterrupt) {
+      throw new ShellError('', outputWithSbFailures, execResult.code, execResult.interrupted);
+    }
+    wasInterrupted = execResult.interrupted;
+  } finally {
+    if (setToolJSX) setToolJSX(null);
+  }
+  const stdout = stdoutAccumulator.toString();
+  const persisted = await persistLargeShellOutput(execResult);
+  logShellExecution(input.command, stdout, execResult.code, wasInterrupted);
+  let strippedStdout = stripEmptyLines(stdout);
+  const extracted = extractClaudeCodeHints(strippedStdout, input.command);
+  strippedStdout = extracted.stripped;
+  if (isMainThread && extracted.hints.length > 0) {
+    for (const hint of extracted.hints) maybeRecordPluginHint(hint);
+  }
+  const imageResult = await normalizeImageOutput(strippedStdout, execResult.outputFilePath, persisted.size);
+  return {
+    data: {
+      stdout: imageResult.stdout,
+      stderr: stderrForShellReset,
+      interrupted: wasInterrupted,
+      isImage: imageResult.isImage,
+      returnCodeInterpretation: interpretationResult?.message,
+      noOutputExpected: isSilentBashCommand(input.command),
+      backgroundTaskId: execResult.backgroundTaskId,
+      backgroundedByUser: execResult.backgroundedByUser,
+      assistantAutoBackgrounded: execResult.assistantAutoBackgrounded,
+      dangerouslyDisableSandbox: 'dangerouslyDisableSandbox' in input ? input.dangerouslyDisableSandbox : undefined,
+      persistedOutputPath: persisted.path,
+      persistedOutputSize: persisted.size
+    }
+  };
+}
+type ConsumeInput = {
+  readonly input: BashToolInput;
+  readonly toolUseContext: ToolUseContext;
+  readonly preventCwdChanges: boolean;
+  readonly isMainThread: boolean;
+  readonly onProgress?: ToolCallProgress<BashProgress>;
+};
+type ConsumeResult = {
+  readonly execResult: ExecResult;
+};
+async function consumeBashCommand({
+  input,
+  toolUseContext,
+  preventCwdChanges,
+  isMainThread,
+  onProgress
+}: ConsumeInput): Promise<ConsumeResult> {
+  const commandGenerator = runShellCommand({
+    input,
+    abortController: toolUseContext.abortController,
+    setAppState: toolUseContext.setAppStateForTasks ?? toolUseContext.setAppState,
+    setToolJSX: toolUseContext.setToolJSX,
+    preventCwdChanges,
+    isMainThread,
+    toolUseId: toolUseContext.toolUseId,
+    agentId: toolUseContext.agentId
+  });
+  let progressCounter = 0;
+  let generatorResult;
+  do {
+    generatorResult = await commandGenerator.next();
+    if (!generatorResult.done && onProgress) {
+      const progress = generatorResult.value;
+      onProgress({
+        toolUseID: `bash-progress-${progressCounter++}`,
+        data: {
+          type: 'bash_progress',
+          output: progress.output,
+          fullOutput: progress.fullOutput,
+          elapsedTimeSeconds: progress.elapsedTimeSeconds,
+          totalLines: progress.totalLines,
+          totalBytes: progress.totalBytes,
+          taskId: progress.taskId,
+          timeoutMs: progress.timeoutMs
+        }
+      });
+    }
+  } while (!generatorResult.done);
+  return {
+    execResult: generatorResult.value
+  };
+}
+function logShellExecution(command: string, stdout: string, code: number, interrupted: boolean): void {
+  const commandType = command.split(' ')[0];
+  logEvent('tengu_bash_tool_command_executed', {
+    command_type: commandType as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS,
+    stdout_length: stdout.length,
+    stderr_length: 0,
+    exit_code: code,
+    interrupted
+  });
+  const codeIndexingTool = detectCodeIndexingFromCommand(command);
+  if (codeIndexingTool) {
+    logEvent('tengu_code_indexing_tool_used', {
+      tool: codeIndexingTool as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS,
+      source: 'cli' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS,
+      success: code === 0
+    });
+  }
+}
+type ImageOutput = {
+  readonly stdout: string;
+  readonly isImage: boolean;
+};
+async function normalizeImageOutput(stdout: string, outputFilePath?: string, persistedOutputSize?: number): Promise<ImageOutput> {
+  if (!isImageOutput(stdout)) {
+    return {
+      stdout,
+      isImage: false
+    };
+  }
+  const resized = await resizeShellImageOutput(stdout, outputFilePath, persistedOutputSize);
+  if (resized) {
+    return {
+      stdout: resized,
+      isImage: true
+    };
+  }
+  return {
+    stdout,
+    isImage: false
+  };
+}

package/tui/src/tools/BashTool/callLoader.ts ADDED Viewed

@@ -0,0 +1,35 @@
+import { createRequire } from 'node:module'
+import type { CanUseToolFn } from 'src/hooks/useCanUseTool.js'
+import type { ToolCallProgress, ToolUseContext } from '../../Tool.js'
+import type { AssistantMessage } from '../../types/message.js'
+import type { BashProgress } from '../../types/tools.js'
+import type { BashToolInput, Out } from './schemas.js'
+type BashCallRuntime = {
+  readonly callBashTool: (
+    input: BashToolInput,
+    toolUseContext: ToolUseContext,
+    canUseTool?: CanUseToolFn,
+    parentMessage?: AssistantMessage,
+    onProgress?: ToolCallProgress<BashProgress>,
+  ) => Promise<{ readonly data: Out }>
+}
+const requireModule = createRequire(import.meta.url)
+let cachedRuntime: BashCallRuntime | undefined
+function isBashCallRuntime(value: unknown): value is BashCallRuntime {
+  if (typeof value !== 'object' || value === null) return false
+  const module = value as Partial<Record<keyof BashCallRuntime, unknown>>
+  return typeof module.callBashTool === 'function'
+}
+export function loadBashCallRuntime(): BashCallRuntime {
+  if (cachedRuntime !== undefined) return cachedRuntime
+  const loaded: unknown = requireModule('./call.js')
+  if (!isBashCallRuntime(loaded)) {
+    throw new Error('Bash call module did not expose expected lifecycle')
+  }
+  cachedRuntime = loaded
+  return loaded
+}

package/tui/src/tools/BashTool/commandClassification.ts ADDED Viewed

@@ -0,0 +1,151 @@
+import type { AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS } from '../../services/analytics/index.js';
+import { splitCommand_DEPRECATED, splitCommandWithOperators } from '../../utils/bash/commands.js';
+const BASH_SEARCH_COMMANDS = new Set(['find', 'grep', 'rg', 'ag', 'ack', 'locate', 'which', 'whereis']);
+const BASH_READ_COMMANDS = new Set(['cat', 'head', 'tail', 'less', 'more', 'wc', 'stat', 'file', 'strings', 'jq', 'awk', 'cut', 'sort', 'uniq', 'tr']);
+const BASH_LIST_COMMANDS = new Set(['ls', 'tree', 'du']);
+const BASH_SEMANTIC_NEUTRAL_COMMANDS = new Set(['echo', 'printf', 'true', 'false', ':']);
+const BASH_SILENT_COMMANDS = new Set(['mv', 'cp', 'rm', 'mkdir', 'rmdir', 'chmod', 'chown', 'chgrp', 'touch', 'ln', 'cd', 'export', 'unset', 'wait']);
+const DISALLOWED_AUTO_BACKGROUND_COMMANDS = ['sleep'];
+const COMMON_BACKGROUND_COMMANDS = ['npm', 'yarn', 'pnpm', 'node', 'python', 'python3', 'go', 'cargo', 'make', 'docker', 'terraform', 'webpack', 'vite', 'jest', 'pytest', 'curl', 'wget', 'build', 'test', 'serve', 'watch', 'dev'] as const;
+type SearchReadClassification = {
+  readonly isSearch: boolean;
+  readonly isRead: boolean;
+  readonly isList: boolean;
+};
+const NOT_SEARCH_OR_READ: SearchReadClassification = {
+  isSearch: false,
+  isRead: false,
+  isList: false
+};
+export function isSearchOrReadBashCommand(command: string): SearchReadClassification {
+  let partsWithOperators: string[];
+  try {
+    partsWithOperators = splitCommandWithOperators(command);
+  } catch (error) {
+    if (error instanceof Error) {
+      return NOT_SEARCH_OR_READ;
+    }
+    throw error;
+  }
+  if (partsWithOperators.length === 0) {
+    return NOT_SEARCH_OR_READ;
+  }
+  let hasSearch = false;
+  let hasRead = false;
+  let hasList = false;
+  let hasNonNeutralCommand = false;
+  let skipNextAsRedirectTarget = false;
+  for (const part of partsWithOperators) {
+    if (skipNextAsRedirectTarget) {
+      skipNextAsRedirectTarget = false;
+      continue;
+    }
+    if (part === '>' || part === '>>' || part === '>&') {
+      skipNextAsRedirectTarget = true;
+      continue;
+    }
+    if (part === '||' || part === '&&' || part === '|' || part === ';') {
+      continue;
+    }
+    const baseCommand = part.trim().split(/\s+/)[0];
+    if (!baseCommand || BASH_SEMANTIC_NEUTRAL_COMMANDS.has(baseCommand)) {
+      continue;
+    }
+    hasNonNeutralCommand = true;
+    const isPartSearch = BASH_SEARCH_COMMANDS.has(baseCommand);
+    const isPartRead = BASH_READ_COMMANDS.has(baseCommand);
+    const isPartList = BASH_LIST_COMMANDS.has(baseCommand);
+    if (!isPartSearch && !isPartRead && !isPartList) {
+      return NOT_SEARCH_OR_READ;
+    }
+    if (isPartSearch) hasSearch = true;
+    if (isPartRead) hasRead = true;
+    if (isPartList) hasList = true;
+  }
+  if (!hasNonNeutralCommand) {
+    return NOT_SEARCH_OR_READ;
+  }
+  return {
+    isSearch: hasSearch,
+    isRead: hasRead,
+    isList: hasList
+  };
+}
+export function isSilentBashCommand(command: string): boolean {
+  let partsWithOperators: string[];
+  try {
+    partsWithOperators = splitCommandWithOperators(command);
+  } catch (error) {
+    if (error instanceof Error) {
+      return false;
+    }
+    throw error;
+  }
+  if (partsWithOperators.length === 0) {
+    return false;
+  }
+  let hasNonFallbackCommand = false;
+  let lastOperator: string | null = null;
+  let skipNextAsRedirectTarget = false;
+  for (const part of partsWithOperators) {
+    if (skipNextAsRedirectTarget) {
+      skipNextAsRedirectTarget = false;
+      continue;
+    }
+    if (part === '>' || part === '>>' || part === '>&') {
+      skipNextAsRedirectTarget = true;
+      continue;
+    }
+    if (part === '||' || part === '&&' || part === '|' || part === ';') {
+      lastOperator = part;
+      continue;
+    }
+    const baseCommand = part.trim().split(/\s+/)[0];
+    if (!baseCommand || (lastOperator === '||' && BASH_SEMANTIC_NEUTRAL_COMMANDS.has(baseCommand))) {
+      continue;
+    }
+    hasNonFallbackCommand = true;
+    if (!BASH_SILENT_COMMANDS.has(baseCommand)) {
+      return false;
+    }
+  }
+  return hasNonFallbackCommand;
+}
+export function isAutobackgroundingAllowed(command: string): boolean {
+  const parts = splitCommand_DEPRECATED(command);
+  if (parts.length === 0) return true;
+  const baseCommand = parts[0]?.trim();
+  if (!baseCommand) return true;
+  return !DISALLOWED_AUTO_BACKGROUND_COMMANDS.includes(baseCommand);
+}
+export function detectBlockedSleepPattern(command: string): string | null {
+  const parts = splitCommand_DEPRECATED(command);
+  if (parts.length === 0) return null;
+  const first = parts[0]?.trim() ?? '';
+  const match = /^sleep\s+(\d+)\s*$/.exec(first);
+  const secondsText = match?.[1];
+  if (!secondsText) return null;
+  const seconds = parseInt(secondsText, 10);
+  if (seconds < 2) return null;
+  const rest = parts.slice(1).join(' ').trim();
+  return rest ? `sleep ${seconds} followed by: ${rest}` : `standalone sleep ${seconds}`;
+}
+export function getCommandTypeForLogging(command: string): AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS {
+  const parts = splitCommand_DEPRECATED(command);
+  if (parts.length === 0) return 'other' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS;
+  for (const part of parts) {
+    const baseCommand = part.split(' ')[0] || '';
+    if (COMMON_BACKGROUND_COMMANDS.includes(baseCommand as (typeof COMMON_BACKGROUND_COMMANDS)[number])) {
+      return baseCommand as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS;
+    }
+  }
+  return 'other' as AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS;
+}

package/tui/src/tools/BashTool/commandClassificationLoader.ts ADDED Viewed

@@ -0,0 +1,40 @@
+import { createRequire } from 'node:module'
+type SearchReadClassification = {
+  readonly isSearch: boolean
+  readonly isRead: boolean
+  readonly isList: boolean
+}
+type BashCommandClassificationRuntime = {
+  readonly isSearchOrReadBashCommand: (
+    command: string,
+  ) => SearchReadClassification
+  readonly detectBlockedSleepPattern: (command: string) => string | null
+}
+const requireModule = createRequire(import.meta.url)
+let cachedRuntime: BashCommandClassificationRuntime | undefined
+function isBashCommandClassificationRuntime(
+  value: unknown,
+): value is BashCommandClassificationRuntime {
+  if (typeof value !== 'object' || value === null) return false
+  const module = value as Partial<
+    Record<keyof BashCommandClassificationRuntime, unknown>
+  >
+  return (
+    typeof module.isSearchOrReadBashCommand === 'function' &&
+    typeof module.detectBlockedSleepPattern === 'function'
+  )
+}
+export function loadBashCommandClassificationRuntime(): BashCommandClassificationRuntime {
+  if (cachedRuntime !== undefined) return cachedRuntime
+  const loaded: unknown = requireModule('./commandClassification.js')
+  if (!isBashCommandClassificationRuntime(loaded)) {
+    throw new Error('Bash command classification module shape mismatch')
+  }
+  cachedRuntime = loaded
+  return loaded
+}

package/tui/src/tools/BashTool/cwdReset.ts ADDED Viewed

@@ -0,0 +1,33 @@
+import { createRequire } from 'node:module'
+import type { ToolPermissionContext } from '../../Tool.js'
+type CwdResetRuntime = {
+  readonly resetCwdIfOutsideProject: (
+    toolPermissionContext: ToolPermissionContext,
+  ) => boolean
+}
+const requireModule = createRequire(import.meta.url)
+let cachedRuntime: CwdResetRuntime | undefined
+function isCwdResetRuntime(value: unknown): value is CwdResetRuntime {
+  if (typeof value !== 'object' || value === null) return false
+  const module = value as Partial<Record<keyof CwdResetRuntime, unknown>>
+  return typeof module.resetCwdIfOutsideProject === 'function'
+}
+function loadCwdResetRuntime(): CwdResetRuntime {
+  if (cachedRuntime !== undefined) return cachedRuntime
+  const loaded: unknown = requireModule('./utils.js')
+  if (!isCwdResetRuntime(loaded)) {
+    throw new Error('Bash utility module did not expose cwd reset helper')
+  }
+  cachedRuntime = loaded
+  return loaded
+}
+export function resetShellCwdIfOutsideProject(
+  toolPermissionContext: ToolPermissionContext,
+): boolean {
+  return loadCwdResetRuntime().resetCwdIfOutsideProject(toolPermissionContext)
+}

package/tui/src/tools/BashTool/lineTruncation.ts ADDED Viewed

@@ -0,0 +1,11 @@
+const MAX_LINES_TO_SHOW = 3
+export function isShellOutputLineTruncated(content: string): boolean {
+  let position = 0
+  for (let line = 0; line <= MAX_LINES_TO_SHOW; line++) {
+    position = content.indexOf('\n', position)
+    if (position === -1) return false
+    position++
+  }
+  return position < content.length
+}

package/tui/src/tools/BashTool/modeValidation.ts CHANGED Viewed

@@ -3,6 +3,9 @@ import type { ToolPermissionContext } from '../../Tool.js'
 import { splitCommand_DEPRECATED } from '../../utils/bash/commands.js'
 import type { PermissionResult } from '../../utils/permissions/PermissionResult.js'
 import type { BashTool } from './BashTool.js'
+import { getDestructiveCommandWarning } from './destructiveCommandWarning.js'
+import { getBypassImmuneShellPermissionResult } from './shellPermissionGauntlet.js'
+import { BASH_TOOL_NAME } from './toolName.js'
 const ACCEPT_EDITS_ALLOWED_COMMANDS = [
   'mkdir',
@@ -73,8 +76,17 @@ export function checkPermissionMode(
   input: z.infer<typeof BashTool.inputSchema>,
   toolPermissionContext: ToolPermissionContext,
 ): PermissionResult {
-  // Skip if in bypass mode (handled elsewhere)
   if (toolPermissionContext.mode === 'bypassPermissions') {
+    const bypassImmuneResult = getBypassImmuneShellPermissionResult(
+      input.command,
+      BASH_TOOL_NAME,
+      toolPermissionContext,
+      getDestructiveCommandWarning,
+    )
+    if (bypassImmuneResult !== null) {
+      return bypassImmuneResult
+    }
     return {
       behavior: 'passthrough',
       message: 'Bypass mode is handled in main permission flow',

package/tui/src/tools/BashTool/outputPersistence.ts ADDED Viewed

@@ -0,0 +1,42 @@
+import { copyFile, link, stat as fsStat, truncate as fsTruncate } from 'fs/promises';
+import { ensureToolResultsDir, getToolResultPath } from '../../utils/toolResultStorage.js';
+import type { ExecResult } from '../../utils/ShellCommand.js';
+const MAX_PERSISTED_SIZE = 64 * 1024 * 1024;
+type PersistedOutput = {
+  readonly path?: string;
+  readonly size?: number;
+};
+export async function persistLargeShellOutput(result: ExecResult): Promise<PersistedOutput> {
+  if (!result.outputFilePath || !result.outputTaskId) {
+    return {};
+  }
+  try {
+    const fileStat = await fsStat(result.outputFilePath);
+    await ensureToolResultsDir();
+    const dest = getToolResultPath(result.outputTaskId, false);
+    if (fileStat.size > MAX_PERSISTED_SIZE) {
+      await fsTruncate(result.outputFilePath, MAX_PERSISTED_SIZE);
+    }
+    try {
+      await link(result.outputFilePath, dest);
+    } catch (error) {
+      if (error instanceof Error) {
+        await copyFile(result.outputFilePath, dest);
+      } else {
+        throw error;
+      }
+    }
+    return {
+      path: dest,
+      size: fileStat.size
+    };
+  } catch (error) {
+    if (error instanceof Error) {
+      return {};
+    }
+    throw error;
+  }
+}

package/tui/src/tools/BashTool/permissionClassification.ts ADDED Viewed

@@ -0,0 +1,66 @@
+import { feature } from 'bun:bundle';
+import type { ToolUseContext, ValidationResult } from '../../Tool.js';
+import type { PermissionResult } from '../../utils/permissions/PermissionResult.js';
+import { parseForSecurity } from '../../utils/bash/ast.js';
+import { bashToolHasPermission, commandHasAnyCd, matchWildcardPattern, permissionRuleExtractPrefix } from './bashPermissions.js';
+import { checkReadOnlyConstraints } from './readOnlyValidation.js';
+import { getDestructiveCommandWarning } from './destructiveCommandWarning.js';
+import { getBypassImmuneShellPermissionResult } from './shellPermissionGauntlet.js';
+import { BASH_TOOL_NAME } from './toolName.js';
+import { detectBlockedSleepPattern } from './commandClassification.js';
+import { isBackgroundTasksDisabled } from './schemas.js';
+import type { BashToolInput } from './schemas.js';
+export async function validateBashInput(input: BashToolInput): Promise<ValidationResult> {
+  if (feature('MONITOR_TOOL') && !isBackgroundTasksDisabled && !input.run_in_background) {
+    const sleepPattern = detectBlockedSleepPattern(input.command);
+    if (sleepPattern !== null) {
+      return {
+        result: false,
+        message: `Blocked: ${sleepPattern}. Run blocking commands in the background with run_in_background: true — you'll get a completion notification when done. For streaming events (watching logs, polling APIs), use the Monitor tool. If you genuinely need a delay (rate limiting, deliberate pacing), keep it under 2 seconds.`,
+        errorCode: 10
+      };
+    }
+  }
+  return {
+    result: true
+  };
+}
+export function isBashReadOnly(input: BashToolInput): boolean {
+  const compoundCommandHasCd = commandHasAnyCd(input.command);
+  const result = checkReadOnlyConstraints(input, compoundCommandHasCd);
+  return result.behavior === 'allow';
+}
+export async function prepareBashPermissionMatcher({
+  command
+}: BashToolInput): Promise<(pattern: string) => boolean> {
+  const parsed = await parseForSecurity(command);
+  if (parsed.kind !== 'simple') {
+    return () => true;
+  }
+  const subcommands = parsed.commands.map(c => c.argv.join(' '));
+  return pattern => {
+    const prefix = permissionRuleExtractPrefix(pattern);
+    return subcommands.some(cmd => {
+      if (prefix !== null) {
+        return cmd === prefix || cmd.startsWith(`${prefix} `);
+      }
+      return matchWildcardPattern(pattern, cmd);
+    });
+  };
+}
+export async function checkBashPermissions(input: BashToolInput, context: ToolUseContext): Promise<PermissionResult> {
+  const bypassImmuneResult = getBypassImmuneShellPermissionResult(
+    input.command,
+    BASH_TOOL_NAME,
+    context.getAppState().toolPermissionContext,
+    getDestructiveCommandWarning
+  );
+  if (bypassImmuneResult !== null) {
+    return bypassImmuneResult;
+  }
+  return bashToolHasPermission(input, context);
+}

package/tui/src/tools/BashTool/permissionLoader.ts ADDED Viewed

@@ -0,0 +1,44 @@
+import { createRequire } from 'node:module'
+import type { ToolUseContext, ValidationResult } from '../../Tool.js'
+import type { PermissionResult } from '../../utils/permissions/PermissionResult.js'
+import type { BashToolInput } from './schemas.js'
+type BashPermissionRuntime = {
+  readonly validateBashInput: (
+    input: BashToolInput,
+  ) => Promise<ValidationResult>
+  readonly isBashReadOnly: (input: BashToolInput) => boolean
+  readonly prepareBashPermissionMatcher: (
+    input: BashToolInput,
+  ) => Promise<(pattern: string) => boolean>
+  readonly checkBashPermissions: (
+    input: BashToolInput,
+    context: ToolUseContext,
+  ) => Promise<PermissionResult>
+}
+const requireModule = createRequire(import.meta.url)
+let cachedRuntime: BashPermissionRuntime | undefined
+function isBashPermissionRuntime(
+  value: unknown,
+): value is BashPermissionRuntime {
+  if (typeof value !== 'object' || value === null) return false
+  const module = value as Partial<Record<keyof BashPermissionRuntime, unknown>>
+  return (
+    typeof module.validateBashInput === 'function' &&
+    typeof module.isBashReadOnly === 'function' &&
+    typeof module.prepareBashPermissionMatcher === 'function' &&
+    typeof module.checkBashPermissions === 'function'
+  )
+}
+export function loadBashPermissionRuntime(): BashPermissionRuntime {
+  if (cachedRuntime !== undefined) return cachedRuntime
+  const loaded: unknown = requireModule('./permissionClassification.js')
+  if (!isBashPermissionRuntime(loaded)) {
+    throw new Error('Bash permission module did not expose expected functions')
+  }
+  cachedRuntime = loaded
+  return loaded
+}